I only ever use Tor for security research and with the nature of my particular work, I don't have a reason to download files but...

If I did and I cared about anonymity I would never download a file unless all internet on my machine or VM was piped through Tor (such as using Whonix or some dedicated security appliance). If I was using the Tor browser I wouldn't even turn on JavaScript without those protections for that matter.

On the other side of the spectrum, running Tor on Windows is insane. Almost every flaw I have seen in Tor mostly or only affects Windows users.
The list of file formats that can trigger the viewer to fetch a resource over the internet is so large that it's impossible to cover them all. Unless you're working with plain text or something you know is safe, don't open files downloaded over Tor if you're running on a standard OS (and not, say, in a Whonix workstation that's isolated from direct internet connections).
Tor was developed by the US Naval Research Laboratory as a munition (that's the strong view of cryptography and developing munitions is what NRL does). There are a number of assumptions baked into its design. Among them is hygiene appropriate when handling munitions in the external operating environment.

Viewed as a munition, the fact that Tor source code was opened up more than a decade ago but well into the post-Patriot Act era suggests that its direct value as a munition had become less significant. However, since the release seems to have had the effect of retarding development of alternatives for some years, this might be seen as an indirect value of Tor as a munition.

Practically speaking, Tor on its own and absent an ecosystem of serious security hygiene, is likely to leak data to an attacker with targeted intelligence and barely non-trivial technical means. Because relatively few people have the will and the technical skill and the need to do all the other things that are required to use Tor in a secure manner.

Or to put it another way, in the context of the GWOT, it seems likely to me that Naval Research Labs only provided a free and unlimited cryptographic munition because it could readily defeat its use by adversaries.
What's the standard way to use Tor for people who are really diligent with their operational security?

Personally I haven't used Tor except for short casual testing. But if my personal security would depend on the anonymity provided by Tor, I think I'd seriously consider adding an additional layer of protection to avoid information leaking out "to the sides".
Not just Windows DRM files. Specifying a special codec is enough to trigger an auto download attempt in certain players. You can even embed SMIL animations in QuickTime files to trigger content downloads.

This is why the feds want to redistribute child porn for weeks at a time. They can't break Tor to de-anonymize users. They need to distribute files with beacons in them for this plan to work. Never mind that the police have become the child porn traffickers.

http://disinfo.com/2016/01/why-did-the-fbi-operate-a-child-porn-site/
While true, this is like any other file type that connects back to the internet. It has nothing at all to do with DRM in particular.

For example you could download an HTML file over Tor, that file could have an <img /> tag in it which reveals your real IP when you open it in the non-Tor browser. Ditto with Office macros, any scripting language, Adobe Reader, etc. If you're going to just accept through warning dialogs then you're in trouble.
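One defensive check that follows from the comment above, as an added example (not code posted by anyone in this thread): before opening a downloaded file outside the Tor-isolated environment, scan it for references that would make a viewer contact a remote host. HTML gets tag-aware parsing (img, script, link, iframe and similar fetch-triggering attributes, including protocol-relative `//host/...` URLs); other text-based formats such as SMIL fall back to a plain URL regex. It deliberately covers only text-based formats; binary containers, Office macros and PDF scripting mentioned in the comment need format-specific tooling. The sample HTML and SMIL inputs are constructed for illustration, and the function names (`find_remote_refs`, `safe_to_open_offline`) are this example's own.

```python
"""Scan a downloaded file for remote-resource references before opening it
outside the Tor-isolated environment. Added example, not from the thread."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tag -> attributes that cause a fetch as soon as the document is rendered.
FETCH_ATTRS = {
    "img": ("src", "srcset"),
    "script": ("src",),
    "link": ("href",),
    "iframe": ("src",),
    "source": ("src",),
    "video": ("src", "poster"),
    "audio": ("src",),
    "object": ("data",),
    "embed": ("src",),
    "track": ("src",),
}

REMOTE_SCHEMES = {"http", "https", "ftp"}

# Fallback for non-HTML text formats (SMIL, playlists, ...): any absolute URL.
URL_RE = re.compile(r"\b(?:https?|ftp)://[^\s\"'<>)]+", re.IGNORECASE)


class _RefCollector(HTMLParser):
    """Collects (tag, attribute value) pairs for fetch-triggering attributes."""

    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        wanted = FETCH_ATTRS.get(tag.lower())
        if not wanted:
            return
        for name, value in attrs:
            if value and name.lower() in wanted:
                self.refs.append((tag.lower(), value.strip()))


def is_remote(ref):
    """True if resolving this reference would contact a remote host.
    Protocol-relative URLs (//host/path) inherit the page scheme and count."""
    if ref.startswith("//"):
        return True
    parsed = urlparse(ref)
    return parsed.scheme.lower() in REMOTE_SCHEMES and bool(parsed.netloc)


def find_remote_refs(data, filename):
    """Return the sorted, de-duplicated remote URLs referenced by the file.
    HTML is parsed tag by tag; every file also gets the regex fallback."""
    text = data.decode("utf-8", errors="replace")
    found = set()
    if filename.lower().endswith((".html", ".htm")):
        parser = _RefCollector()
        parser.feed(text)
        for _tag, ref in parser.refs:
            # srcset may hold several candidates: "url1 1x, url2 2x"
            for candidate in ref.split(","):
                parts = candidate.strip().split()
                if parts and is_remote(parts[0]):
                    found.add(parts[0])
    for match in URL_RE.findall(text):
        found.add(match)
    return sorted(found)


def safe_to_open_offline(data, filename):
    """True only when no remote reference was found in the file."""
    return not find_remote_refs(data, filename)


# Constructed sample inputs (not real downloads): one beaconing HTML file,
# one SMIL file pointing at a remote clip.
SAMPLE_HTML = b"""<html><body>
<p>Invoice</p>
<img src="//tracker.example/pixel.gif" alt="">
<img src="./logo.png">
<script src="https://cdn.example/beacon.js"></script>
</body></html>"""

SAMPLE_SMIL = b"""<smil><body>
<video src="http://media.example/clip.mov"/>
<img src="local.jpg"/>
</body></smil>"""

if __name__ == "__main__":
    for name, blob in (("invoice.html", SAMPLE_HTML), ("clip.smil", SAMPLE_SMIL)):
        refs = find_remote_refs(blob, name)
        verdict = "OK to open offline" if not refs else "DO NOT open outside Tor"
        print(f"{name}: {verdict}")
        for r in refs:
            print("   remote reference:", r)
```

Run it against a file you have downloaded and treat any reported URL as a reason to open the file only inside a workstation whose entire network path goes through Tor (or not at all). A clean result is not proof of safety, since the regex cannot see references hidden in binary containers or compressed streams; it is a cheap first filter, not a replacement for isolation.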
OFFTOPIC: Does anyone know the name of the song from that video? I searched for the title of what was playing, but only came up with some weird anime soundtracks for some reason.
It would be interesting to see if this could be extended to images? Can't Windows DRM be used with certain image formats? It's just a thought.
> such a niche attack

Niche indeed. The potential target group of users who think "just use Tor and you're safe" is vanishing rapidly.